Computer Quarantines

by Brent Kirkpatrick

(Date Published: 2/27/2018.)

Quarantining hacked computers is often necessary to contain hacking.

The act of isolating infected computers can save other computers from being hacked. Quarantine occurs in degrees: from powering-down an infected machine to using firewalls to block the intrusive communications.

The steps of quarantine for a hacked computer are

disable wireless

unplug the ethernet network

turn off the computer

investigate to determine which protocols and ports are producing intrusions

This is a list of escalating steps for quarantine.

After successful quarantine, the remainder of the network will be safe from the intrusions that originated from the quarantined computer. This makes quarantine an essential step in the containment process.

Indeed, cycles of escalating quarantine for multiple computers are usually required for containment. Part of successful quarantine might involve patching some computers in the network and updates to firewall rules.